Skip to main content

Severity by source

NVD PRIMARY
2.7 LOW
AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Apr 13, 2022 - 18:15 nvd
LOW 2.7

DescriptionNVD

Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI

AnalysisAI

Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Use of Hard-coded Credentials (CWE-798), which allows attackers to gain access using credentials embedded in source code. Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI Affected products include: Citrix Sd-Wan 110 Firmware, Citrix Sd-Wan 210 Firmware, Citrix Sd-Wan 400 Firmware, Citrix Sd-Wan 410 Firmware, Citrix Sd-Wan 1000 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Remove hard-coded credentials, use environment variables or secrets management, rotate exposed credentials immediately.

Share

CVE-2022-27506 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy